Scanned pages/files
Request | Server response | Status |
http://xn--lrasigtyska-l8a.com/ | 200 OK Content-Length: 9358 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: HACKED BY BODA DOS ...[729 bytes skipped]... retanje = true; } else { bezporuke = 0; slporuka++ if (slporuka == poruka.length) slporuka = 0; vremeid = setTimeout("prikaz()", pauzapor); kretanje = true; } } function stop() { if (kretanje) clearTimeout(vremeid); kretanje = false } function start() { stop(); prikaz(); } start(); </script> <title>HACKED BY BODA DOS</title> <center> <center> <img style="width:595px;height:231px" src="http://3.bp.blogspot.com/-nDdoioaIkJE/UoXyfkChLKI/AAAAAAAAAGc/Kv8OMPMHJdY/s1600/1069229_543628382390168_1614792291_n.jpg" /> <br /><br> <div id="example1"> <p align="center"></p> </div> <script language="JavaScript"> /* An object-oriente ...[9186 bytes skipped]... | ||
http://xn--lrasigtyska-l8a.com/test404page.js | 404 Not Found Content-Length: 2783 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: xn--lrasigtyska-l8a.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=300
Connection: close
Date: Wed, 14 Jan 2015 01:55:43 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Expires: Wed, 14 Jan 2015 02:00:43 GMT
X-Powered-By: PHP/5.4.35
GET / HTTP/1.1
Host: xn--lrasigtyska-l8a.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=300
Connection: close
Date: Wed, 14 Jan 2015 01:55:43 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Expires: Wed, 14 Jan 2015 02:00:43 GMT
X-Powered-By: PHP/5.4.35
Second query (visit from search engine):
GET / HTTP/1.1
Host: xn--lrasigtyska-l8a.com
Referer: http://www.google.com/search?q=xn--lrasigtyska-l8a.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: xn--lrasigtyska-l8a.com
Referer: http://www.google.com/search?q=xn--lrasigtyska-l8a.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=xn--lrasigtyska-l8a.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://xn--lrasigtyska-l8a.com/
Result: xn--lrasigtyska-l8a.com is not infected or malware details are not published yet.
Result: xn--lrasigtyska-l8a.com is not infected or malware details are not published yet.